ARN

HP gets Common Criteria certification for Red Hat Linux

Integrity, ProLiant, and BladeSystem platforms receive the Evaluation Assurance Level 4 for RHL 5

HP says a broad range of its computer hardware running Red Hat Enterprise Linux 5 has been examined and certified as compliant under the international Common Criteria product-evaluation program backed by the U.S. government and sometimes required for government technology acquisitions.

HP's Integrity, ProLiant, and BladeSystem platforms, as well as workstations and desktops, have received the Evaluation Assurance Level 4 (EAL4+) Common Criteria security certification for Red Hat Enterprise Linux 5, the version of the operating system released last March. EAL4+ is the highest level of security that unmodified commercial software can achieve. Higher rankings to level 7 typically involve highly customized systems designed for maximum-security government purposes.

However, Erik Lillestolen, program manager for open source and Linux at HP, noted that the Zen-based technology for virtualization that's part of Red Hat Linux 5, was not tested under the Common Criteria program.

"Nobody has included the virtualization technology yet," he added about the Common Criteria security evaluation program, which is backed by several countries as a multinational testing regimen.

HP submitted its computer gear for evaluation at Atsec, a certified lab under the U.S. government program known as the National Information Assurance Partnership (NIAP), a collaborative effort among the National Institute of Standards and technology (NIST) and the National Security Agency (NSA) which administers the Common Criteria program in the United States.

The EAL4+ certification level for unmodified commercial products assures that they work with security "profile" requirements, such as the Controlled Access Protection Profile, the Role-based Access Control protection Profile and the labeled Security protection profile. Lillestolen noted that the lab review entailed an inspection of source code and evaluation of how software performed on hardware platforms.

Come socialise with us! Facebook | LinkedIn

More about: Hewlett-Packard, HP, National Security Agency, NSA, Red Hat

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
ARN Directory | Distributors relevant to this article
Alloys , ASI Solutions , Australasian PC Distributors (APCD) , Australian IT Spares , Avnet Technology Solutions , Banksia Software , Bluechip Infotech , Dicker Data , ICT Distribution , Impact Systems Technology , Lynx Technologies , Synnex Australia , Topstar Computer International , XiT Distribution , Xpress I.T. , Dynamic Supplies , Fusion Power Systems , Sektor
ARN Directory | Vendors relevant to this article
Red Hat , HP
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/transition-systems-australia/2010-12-09_354_polycom
Transition Systems Australia

Polycom

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.